As the US and South Korea conduct joint military exercises and shore up collaborative defenses against cyber threats, the Republic of Korea's National Intelligence Service accuses North Korea of a systematic campaign of hacking senior South Korean officials' smartphones. The objectives seem to be those of conventional espionage, but the incidents come at a difficult time of heightened sensitivity to Pyongyang's nuclear capabilities and aspirations.
ESET reports a new and unusually sophisticated form of Android malware. Spy[.]Agent[.]SI, currently most active against banking targets in Turkey, New Zealand, and Australia, locks an Android device's screen until the user enters the passcode. Spy[.]Agent[.]SI is being used to compromise two-factor authentication, and masquerades as a version of Adobe Flash Player.
The post-mortem on KeRanger continues. Apple clapped a stopper over it relatively quickly after being tipped off by Palo Alto, and it's thought that only some 7000 devices were affected. Observers see KeRanger, however, as confirmation of the increasingly important role ransomware is playing in the criminal economy.
Other, familiar, ransomware is found infesting restaurant review service Burrp. Visitors are directed to the Angler exploit kit, which in turn serves up a helping of TeslaCrypt.
In patch news, Google issues a security fix for Android Mediaserver.
Industry analysts take a look at the US cyber war against ISIS. Some of them see in the Pentagon's plans a $7 billion "windfall" for cyber security companies and the big integrators with whom they work.
In the UK, GCHQ glumly considers that return on its own substantial cyber investment has been disappointing.